Category Archives: Linux

Pinebook Pro Encrypted Home with OpenSUSE

Just a quick tutorial for setting up an encrypted /home partition on your Pinebook Pro with OpenSUSE Tumbleweed.

This assumes you are doing a fresh install. If not, be sure to backup your data.

Initial Installation

Follow OpenSUSE’s tutorial for creating an bootable SD card, booting from it, and putting the same image on the eMMC here:

(I’ll be using the KDE Image and Tow-Boot)

Once you have imaged OpenSUSE to the eMMC, restart and boot from the SD card again.

Resizing Root

Open Konsole (or another terminal) and install the KDE partition manager to the SD card.

zypper install partitionmanager

Open KDE Partition Manager from the Application Launcher

Choose the eMMC device on the left and resize the root partition. I shrink it so roughly 32GB is free for my /home partition at the end of the drive.

Shutdown and remove the SD card.

Boot from the eMMC.

Log in as root.

Once again, install KDE Partition Manager (this time on the eMMC) by opening Konsole and running:

zypper install partitionmanager

Open KDE Partition Manager from the Application Launcher

Create a new partition in the new blank space.

Choose BTRFS with LUKS encryption.

Set a password (you’ll need to enter this password every time you boot, so make sure it’s one you’re remember).

Open Konsole

Ensure that the new partition is unlocked, entering the password if prompted:

cryptsetup luksOpen /dev/mmcblk0p4 luks-`cryptsetup luksUUID /dev/mmcblk0p4`

Added the encrypted partition to crypttab so I can be automatically mounted at boot:

echo luks-`cryptsetup luksUUID /dev/mmcblk0p4` UUID=`cryptsetup luksUUID /dev/mmcblk0p4` none luks >> /etc/crypttab

Add the encrypted partition to fstab so it’s automatically mounted at boot:

echo /dev/mapper/luks-`cryptsetup luksUUID /dev/mmcblk0p4` /home btrfs defaults 0 0 >> /etc/fstab

Reboot. You should be asked for encryption password during the boot process.

Log in as root and open Konsole again.


You should see something like this:

You should see something like this:
NAME                                          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
mmcblk0                                       179:0    0  58.2G  0 disk
├─mmcblk0p1                                   179:1    0    16M  0 part  /boot/efi
├─mmcblk0p2                                   179:2    0   500M  0 part  [SWAP]
├─mmcblk0p3                                   179:3    0  32.7G  0 part  /
└─mmcblk0p4                                   179:4    0    25G  0 part
  └─luks-26a9eb0a-fc68-47f5-917c-89281603cfa8 254:0    0    25G  0 crypt /home

The last partition should be type “crypt” mounted as “/home”. If so, you’re all set!

Finally, create a real user. Their home directory will default to the encrypted /home mount.

Fixing KRDC VNC Scaling

I’m going to show you how to fix a problem that’s driven me crazy literally for years.
If you’re using KRDC to remotely access a computer with VNC, the Scale button, by default, does nothing.
It’s actually a super easy and kind of silly fix. If you prefer video, see my YouTube video on this embedded at the bottom.

If you click the Scale button nothing happens

If you look at the KRDC config file you can see that scaling defaults to 100.


For some reason, this causes the scaling button to do nothing.
To fix this, you could hand edit the krdc config file every time you have a new connection, or, you can just add the Scaling Factor action to the toolbar.

Go Settings then Configure Toolbars

Scroll down and select Scaling Factor
Click the right arrow to add it to the toolbar
Click the up arrow to put it next to Scale
Click OK

If you click Scale, still nothing happens.
Turn Scale on and then drag the slider and scaling will start working!

Turn on Scale and adjust the slider

At this point you won’t have to drag the slider anymore.
Once scale is off of its default value, the scale button works as expected. Simply do this for every new VNC client you connect to.

If you prefer video, follow along here:

Fix for Android SDK Errors in Unity on Linux

When I add Android support for Unity on Linux as an additional module in Unity Hub, I find that Unity is unable to the SDK.

The problem appears to be that Unity does not set the binaries included as executable after extracting. I believe this may be fixed on newer versions of the Editor, but this is an issue for me on 2020.3.28f1.

The simple fix is to make all files in the AndroidPlayer executable. If Unity is open, close it.

Open Konsole or another terminal app.

cd ~/Unity/Hub/Editor/[Unity version]/Editor/Data/PlaybackEngines/AndroidPlayer
find . -type f -exec chmod +x {} \;

When you re-launch Unity, it should have no problem using the Android SDK.

Native KDE File Dialogs in Firefox

One of my favorite things about running KDE’s own distro, KDE Neon, is how it defaults to using the KDE file UI in Firefox. I’m not sure why Kubuntu and Fedora KDE don’t know this, but it’s easy enough to configure.


The magic behind this is Firefox’s ability to use an XDG desktop portal. You probably already have the KDE XDG desktop portal installed, but if not, simply run:

sudo dnf -y install xdg-desktop-portal-kde
sudo apt install xdg-desktop-portal-kde

Configuring Your Shell

Next, we tell GTK apps, like Firefox, to use the KDE file dialogs if they’re able. We do that by setting in a variable in either our ZSH or BASH configuration (whichever your default shell is).

echo export GTK_USE_PORTAL=1 >> .zprofile
echo export GTK_USE_PORTAL=1 >> .profile

Now just log out and back in and you get should native KDE file dialogs when saving or opening files with Firefox!

Thunderbird Flatpak & GTK Themes

One of the reasons I switched to Fedora recently was it’s support for Flatpaks. Sure they’ll work anywhere, but having them be such a big part of Fedora (check out Fedora Kinoite) really intrigued me. I love the idea of having the same version of apps across distros that’s also the latest (or nearly) version of the app.

I also like when every app looks like it’s part of the same ecosystem. The KDE and Gnome devs have done an awesome job of that by making themes that work in both GTK and Qt (KDE) apps. Unfortunately, Flatpak apps using GTK on KDE don’t automatically use the theme you’ve set in System Settings.

To fix that, I’ll show you how you can use the Flatseal app to set the GTK them for Flatpak apps. You can do this through the shell for individual apps and universally, but I prefer this way to give myself flexibility.

I’m assuming you’re using Breeze or Breeze-Dark here. Otherwise, substitute with the theme you are using. If the theme you are using is not in flathub, you might need to choose one that is.

sudo flatpak install org.gtk.Gtk3theme.Breeze
sudo flatpak install org.gtk.Gtk3theme.Breeze-Dark

Install the Flatseal app from flahub as well:

sudo flatpak install com.github.tchx84.Flatseal

Open the Flatseal app and choose Thunderbird on the left.
Scroll down to the variables section, slick the + symbol, and add:


The next time you start Firefox it should be using the Breeze Dark Theme! You can do this for any flaptak app that uses GTK.

Fedora & Plasma Tips

I’m a serial distro jumper. I have been as far back as I can remember. I’d been on Kubuntu for quite a while, happy as can be, which obviously made me bored. With all the hype surrounding Fedora 35, I thought I’d give it a whirl! In a sense, it’s “coming home” for me: I started out on Mandrake way back in the late 90s followed by RedHat and Fedora Core for quite some time. So far, I’m loving Fedora! Here’s some quick tips and tricks I used to make Fedora my own.

ZFS Encrypted Home Directory

I love ZFS and disto-hopping, so using ZFS on a separate drive as my home directory was a no brainer! Here’s my guide on how you can set this up on Fedora or Ubuntu/Kubuntu.

KDE Native File Dialogs in Firefox


RPM Fusion is where many of the apps and utilities you’ll want to use, but Fedora can’t/won’t distribute, live. Amongst these are the NVIDIA propriety drivers, HEIF support, etc.

RPMFusion is more or less “official” and is often referenced in the Fedora documentation. You can fairly safely add this repository without fear of configuration explosions or security risks.

Click this link, and choose your version of Fedora under the Graphical Setup heading:


One of the great things about Fedora is it’s becoming built around the idea of having all of your apps installed as Flatpaks. This increases system security, ensures you always have the latest versions of apps, and make it easy to always run the same version of apps across multiple distros. This is really handy if you’re sharing files across distros.

While Fedora hosts many Flatpacked (I think that’s a verb) apps on their infrastructure, I prefer Flathub which tends to be a bit more up-to-date, has more apps, and is available on pretty much every distro available.

Here’s Flathub’s instructions on how to make their apps available in Fedora:


(coming soon)

HEIC/HEIF Images in Gwenview & Dolphin

Gwenview is KDE’s default image viewer. It’s a great application, but it’s missing HEIF image support out-of-the-box. If you have an iPhone, this probably the format all of your photos are stored in. Luckily, adding HEIF support fore Gwenview is very simple in Fedora!

First, make sure to install the RPM Fusion repository. Instructions are above:

Next, run the lines below to update your repository database and install the plugin.

sudo dnf update
sudo dnf install qt-heif-image-plugin

The steps below do no appear to be necessary in KDE 5.25+

Now that you have support for HEIC/HEIF installed, you can configure Dolphin to show image previews.

sudo nano /usr/share/kservices5/qimageioplugins/heic.desktop

Paste in the following:

[Desktop Entry]

sudo nano /usr/share/kservices5/qimageioplugins/heif.desktop

Paste in the following:

[Desktop Entry]

sudo nano /usr/share/kservices5/imagethumbnail.desktop

Add to the end of MimeTypes:


Finally, log out and back in.



For reasons I still can’t suss out (and I had these same issues with Kubuntu and Thunderbird installed from apt), I always end up with 24 hour dates in the mail list. Now, arguments over the best format aside, I’d really just like to see them as eg: 2:15 PM.

To fix this, 1st open Thunderbird then go to Preferences. Scroll to the bottom and click “Config Editor.”

Type in: intl.date_time.pattern_override.time_short
Click the “+” symbol to add a new config and choose “string”
Set it to: h:mm a

You can find all of your options here:

Hiding the GRUB Boot Menu

(coming soon)


If you using Unity3D, you may find you have issues with Visual Studio Code, Omnisharp, and the version of mono that comes with Fedora. Here’s my quick fix:

That’s all! I hope you found some of these tips and tricks useful and enjoy what I’m finding to be a fantastic distro!

ZFS Home Directory

I tend to hop from Linux distro to Linux distro. One of the things that makes doing so much easier is keeping my home folder on a separate disk. That way I can re-install distributions to my heart’s content without fear of losing my files and settings.

I’m also a big fan of ZFS (ZFS on Ubuntu Server). That means jumping through a few extra hoops to setup ZFS on a separate drive as well as re-importing the zpool every time I swap distributions, but I find it’s well worth it. Here’s a handy guide on how to do just that! I’ll be showing the steps for Fedora and Kubuntu, but they should generally apply to other distros as well.

Disclaimer: I’ve not a ZFS expert, but these steps have worked very well for me on multiple systems. YMMV.

One quick note: ZFS works best with plenty of RAM (it will use everything available to keep data cached). If you are on a RAM-limited system, you can do something similar with encrypted XFS or EXT4.

Pre-Step: Setup Encrypted Home Drive

I’ll be configuring ZFS to use an encryption key stored on the root drive. This is only secure if the root drive is also encrypted. Make sure when you install Linux you tell the installer to use drive encryption.

It will look like this in Fedora:

Encrypted root drive in Fedora

And like this in Ubuntu:

Encrypted root drive in Kubuntu

You’ll be asked to set a password that’s used to encrypt your root drive. You cannot change this password and you’ll be asked to enter this password every time you boot your computer, so make sure you do not forget it!

Don’t worry about configuring your 2nd drive with your home folder during the installation. I find it’s much easier to have the distribution do it’s typical install, then go back and mount your new /home. Just make sure that you create yourself as an administrator or have a root password set.

Once you’ve installed your new distro, reboot into it, but don’t log in. Your computer will get grumpy if you’re logged into a desktop environment while swapping out your home directory.

Press Control-Alt-F3 to get to a terminal window then log in as yourself if you made your account an administrator, or ‘root’ if you did not.

ZFS Installation


Make sure Fedora up-to-date

sudo dnf -y update

If there are any updates, reboot (sudo reboot), press Control-Alt-F3, and log back in.

Install ZFS for Fedora by following the official steps below, do not use the zfs-fuse package included with Fedora:

sudo apt install zfsutils-linux

Creating a New Home Drive

If you already have created a home drive and are re-attaching after re-installing Linux, skip to Importing an Existing Home Drive.

To make things easier, I’ll be running all of the commands as root by first running:

sudo -s

Create an encryption key that will be used to encrypt and decrypt your home drive. Make sure this is only stored on an encrypted root drive and that you have backed up this key somewhere safe. If you lose this key you will lose all access to your drive. You’ve been warned 😉

dd if=/dev/urandom of=/etc/home.key bs=32 count=1 && chmod 600 /etc/home.key

Next you’ll need to find out the name of your drive. Since easy names (e.g. sda, sdb) can change, we want to set it up by something that will not change. I’ll be using the device’s physical location.

Let’s make sure we know which drive has Linux installed on it, and which is going to be used for our home drive, by runing:


This will list all of your drives (also called block devices), any partitions on them, and where those partitions are mounted. My output (on a virtual machine) looks like the following. On real hardware, your devices will probably be called sda and sdb (if they’re SATA), or nvme0n1 and nvme1n1 (if they’re nvme):

NAME                                          MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINTS
sr0                                            11:0    1    2G  0 rom    
zram0                                         251:0    0  5.8G  0 disk  [SWAP]
vda                                           252:0    0   64G  0 disk   
├─vda1                                        252:1    0    1G  0 part  /boot
└─vda2                                        252:2    0   63G  0 part   
 └─luks-a954d91b-fda3-4c22-90a6-2b35554129b1 253:0    0   63G  0 crypt /home
vdb                                           252:16   0  128G  0 disk  

I can see here that my disk with Linux installed on it is called vda, since it has multiple partitions (vda1 and vda2) that are all mounted (as /boot and /). The disk with nothing installed on it is vdb. Therefore, I’ll need to check the physical location of vdb. Please comment below if you’re having trouble figuring out which drive is which and I’ll try to give you a hand!

To list all disks by their location, run:

ls -lh /dev/disk/by-path/

The result will look something like this:

total 0
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:00:1f.2-ata-1 -> ../../sr0
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:00:1f.2-ata-1.0 -> ../../sr0
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:07:00.0 -> ../../vda
lrwxrwxrwx. 1 root root 10 Jan 28 09:42 pci-0000:07:00.0-part1 -> ../../vda1
lrwxrwxrwx. 1 root root 10 Jan 28 09:42 pci-0000:07:00.0-part2 -> ../../vda2
lrwxrwxrwx. 1 root root  9 Jan 28 09:42 pci-0000:08:00.0 -> ../../vdb

This tells me that the path I’ll be using is /dev/disk/by-path/pci-0000:08:00.0, since that’s the one that’s being called vdb (see the end of the last line).

We’re finally ready to create our ZFS filesystem! First we create a zpool that encompasses all of the drives we’ll be using (we’ll just be using one, but ZFS can be mirrored or RAIDed in more advanced setups).

The command we’ll run is:

zpool create homepool -O xattr=sa -O acltype=posixacl -O atime=off -O compression=lz4 -O encryption=aes-256-gcm -O keyformat=raw -O keylocation=file:///etc/home.key -o ashift=12 /dev/disk/by-path/[your disk here]

Here’s what some of those options mean:
ashift=12 : This specifies the drive’s block size. From what I’ve cobbled together, use the number 12 for most use cases unless it’s a Samsung NVME or you know your drive uses 8K clusters. In that case, use 13.
homepool: this is the name we’ve given to the zpool. You can use something else if you’d prefer.
compression=lz4: This compresses all data, increases the performance of ZFS, and essentially costs no additional CPU resources. More information here:
encyption=aes-256-gcm: Use AES 256 GCM encryption which is both highly secure and hardware accelerated

Now, let’s check out that brand new zpool!

zpool status

You should see something like this:

  pool: homepool
 state: ONLINE

        NAME                STATE     READ WRITE CKSUM
        homepool            ONLINE       0     0     0
          pci-0000:08:00.0  ONLINE       0     0     0

errors: No known data errors

A zpool is a container for filesystems. Now that we’ve got one, we can create a filesystem where our home drive will live. In all of the steps below, replace [user] with your username.

zfs create homepool/[user]

To see information on this new filesystem, you can run:

zfs list

Now, let’s replace our old home drive (that was created when Linux was installed) with the filesystem on our second drive:

cd /home
mv /home/[user] /home/[user].bak
mkdir /home/[user]/
zfs set mountpoint=/home/[user] homepool/[user]
zfs set mountpoint=none homepool
chmod --reference=/home/[user].bak /home/[user]
mv /home/[user].bak/* /home/[user]/
mv /home/[user].bak/.* /home/[user]/
rmdir /home/[user].bak
chown -R [user]:[user] /home/[user]
#For Fedora and other distros with selinux, run the next line too:
restorecon -vR /home

Linux doesn’t yet load keys for encrypted zfs mounts automatically. You’ll need to create a simple service to automatically load zfs encryption keys on boot.
Like most good things, this is from the Arch Linux wiki:
You MUST do this before you reboot or you will not be able to log in graphically. If you forget, press Control-Alt-F3 and log into the console.

nano /etc/systemd/system/zfs-load-key.service

Type in the following (if you’re uncomfortable typing by hand, you should be able to switch to the graphical login (Fedora: Control-Alt-F2, *buntu Control-Alt-F1) and copy paste).

Description=Load encryption keys

ExecStart=/usr/sbin/zfs load-key -a


Next, tell Linux to start the new service every time it boots:

systemctl enable zfs-load-key

Finally, reboot and log in normally to make sure everything works as anticipated:


Now you should have a fully functioning install with encrypted ZFS home directory! Remember to backup /etc/home.key somewhere secure that *isn’t* in your home directory, since you’ll need to copy this key back any time you re-install Linux. I’d recommend an encrypted USB key.

If you have multiple users, you can follow those same steps to create a zfs filesystem for each of them in zpool you created.


If you use Steam and want to keep your game installations separate so they don’t get backed up with zfs snapshots, you can create a separate filesystem for it.

mkdir -p /home/[user]/.local/share/Steam
sudo zfs create homepool/[user]/steam -o mountpoint=/home/[user]/.local/share/Steam

Importing an Existing Home Drive

Only follow these steps if you’ve re-installed Linux. They aren’t necessary if you just created a new zpool above.

After you’ve re-installed Linux, make sure you complete ZFS Installation above. Once those are done, you can proceed from here.

If you are not the root user yet, run:

sudo -s

Next, you’ll need to copy your backed up key to /etc/home.key

If it’s stored on an encrypted flash drive, it may be easiest to log in graphically, restore the file, then log out and return the console with Control-Alt-F3.

Once it’s restored, make sure it still has the correct permissions

chown root:root /etc/home.key && chmod 600 /etc/home.key

Rename your existing home directory:

cd /home
mv /home/[user] /home/[user].bak
mkdir /home/[user]
chmod --reference=/home/[user].bak /home/[user]
chown [user]:[user] /home/[user]

List all zpools the system can find for import:

zpool import

You should see your homepool listed

   pool: homepool
     id: 16378698673868876678
  state: ONLINE
 action: The pool can be imported using its name or numeric identifier.

        homepool            ONLINE
          pci-0000:08:00.0  ONLINE

You can now import it by name and mount the zfs filesystems:

zpool import homepool

Before the filesystems can be mounted, we’ll need to create and enable the ZFS key loading service.

nano /etc/systemd/system/zfs-load-key.service

Type in the following:

Description=Load encryption keys

ExecStart=/usr/sbin/zfs load-key -a


Next, tell Linux to start the new service every time it boots, and start it now:

systemctl enable --now zfs-load-key

Finally, we can mount all of the zfs filesystems:

zfs mount -a

You can confirm they are mounted by typing:


The last line of the output should be something similar to:

homepool/adam on /home/adam type zfs (rw,noatime,seclabel,xattr,posixacl)

If you’re on Fedora, be sure to run the following to make selinux happy:

restorecon -vR /home

Reboot and log in. Since all of your personal settings are saved to your home drive, everything should be exactly how you left it!

Memory Usage

If you find ZFS is using too much memory (apps keep crashing), you can adjust how much RAM ZFS uses for its cache (how much of your drive it keeps in memory for quick access).

To test different settings, set the maximum arch size in bytes and then clear the cache. This setting is temporary, so if you run intro trouble, just reboot.

sudo echo "8589934592" > /sys/module/zfs/parameters/zfs_arc_max
sudo echo 3 > /proc/sys/vm/drop_caches

Once you’ve found a size that works for you, you can set the size permanently.

sudo echo "options zfs zfs_arc_max=8589934592" >> /etc/modprobe.d/zfs.conf

Unity3d On Fedora

I recently switched from Ubuntu to Fedora and realized that Omnisharp in VS Code for Unity3D projects was not working correctly, even with Use Global Mono set to Always.

The fix ended up being simple: even though they are the same version, install Mono from the mono project’s repository, not Fedora’s.

First: Install mono from here:

Then, open VS Code and go to settings. To make this change for all projects, click User. To change for just this project (which I’d recommend) click Workspace. This will allow you to do your regular .Net development using the built-in mono (and eventually .Net Core).

Set Omnisharp: Use Global Mono to “always.”

That’s it! That should do the trick.

Borderlands 3 on Linux

I was struggling to get videos working on Borderlands 3 on Linux through Steam and Proton. Without the videos, there are parts of the game you are unable to get past.

I found pieces to the puzzle on Proton DB ( but there were still some tweaks I had to make.

YMMV, but this is what worked for me on Kubuntu 20.04 with Radeon Graphics.

Make sure you have told Steam to run all Windows games in Proton 5.

Run the game:

Before you can install the media foundation workarounds you need the Proton setup for the game to have run. That’s easily done by just running Borderlands 3 once and then exiting out once you’re at the title screen.

Install the prerequisites:

sudo apt install git cabextract python2 libudev1

Download and install media foundation workaround

Note that anywhere you see “Proton 5.0” you’ll need to use whatever the latest version number of proton is or the version you specified if you’re having the game run with a specific version.

mkdir ~/Downloads/bl3-mf/
cd ~/Downloads/bl3-mf/
git clone
cd mf-install/
WINEPREFIX="$HOME/.steam/steam/steamapps/compatdata/397540/pfx" PROTON="$HOME/.steam/steam/steamapps/common/Proton 5.0" ./ -proton
cd ..

Download and install the media foundation cab workaround

At the time of this post, the installer seems to be pointing to a file on Microsoft’s website that doesn’t exist anymore. These steps will download a working file manually and rename it to what the script expects. If you see a 404 error, you can ignore. If not, then the script has been fixed to point to a good location now.

sudo ln -svf /usr/lib/x86_64-linux-gnu/ /usr/lib/x86_64-linux-gnu/
git clone
cd mf-installcab/
mv windows6.1-kb976932-x64_74865ef2562006e51d7f9333b4a8d45b7a749dab.exe windows6.1-KB976932-X64.exe
WINEPREFIX="$HOME/.steam/steam/steamapps/compatdata/397540/pfx" PROTON="$HOME/.steam/steam/steamapps/common/Proton 5.0" ./ -proton
cp mfplat.dll "$HOME/.steam/steam/steamapps/common/Borderlands 3/OakGame/Binaries/Win64/"

That’s it; see you on Pandora!

FIX: Plasma 5, Konsole, & TMUX

The Problem:

I recently fired up Konsole and tried using tmux when I suddenly realized that Control-B wasn’t working.

Plasma, in one of their recent updates, seems to have added an “Add Bookmark” global shortcut to all Plasma apps mapped to Control-B. While it’s active, Control-B in Konsole won’t get sent to tmux, but will instead keep adding bookmarks to the Konsole Bookmarks menu.

The Fix:

Open System Settings
Under “Workspace” choose “Shortcuts”
Select “Standard Shortcuts”
Find “Add Bookmark” in the list
Change the Shortcut to Custom, then don’t assign a key sequence. This will set it to none.

Once changed, tmux should immediately start working again